Lucene search
K

5 matches found

CNNVD
CNNVD
added 2025/03/17 12:0 a.m.2 views

Uptime Kuma 安全漏洞

Uptime Kuma is an easy-to-use, self-hosted monitoring tool from the individual developer Louis Lam. A security vulnerability exists in Uptime Kuma 1.23.0 and prior versions that stems from a regular expression denial of service...

6CVSS6.5AI score0.00366EPSS
Exploits0References3
OSV
OSV
added 2023/12/11 10:32 p.m.25 views

CVE-2023-49804 Uptime Kuma Password Change Vulnerability

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, when a user changes their login password in Uptime Kuma, a previously logged-in user retains access without being logged out. This behavior persists consistently, even after system restarts or browser restarts. Th...

6.7CVSS7.5AI score0.00263EPSS
Exploits0References5
OSV
OSV
added 2023/10/09 3:15 p.m.27 views

CVE-2023-44400 Uptime Kuma has Persistentent User Sessions

Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a user's device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the...

6.7CVSS7.7AI score0.00267EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.5 views

Uptime Kuma 跨站脚本漏洞

Uptime Kuma is an easy-to-use, self-hosted monitoring tool from the individual developer Louis Lam. A security vulnerability exists in Uptime Kuma versions prior to 1.20.0, which stems from the Uptime Kuma name parameter allowing persistent XSS attacks...

6.3CVSS5.6AI score0.00474EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.4 views

PT-2023-20320 · Unknown · Uptime Kuma

Name of the Vulnerable Software and Affected Versions: Uptime Kuma versions prior to 1.20.0 Description: Uptime Kuma is a self-hosted monitoring tool. The Uptime Kuma status page allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability...

6.3CVSS5.3AI score0.00396EPSS
Exploits0References7
Rows per page
Query Builder